I don’t know how many times I’ve been working with someone and while giving them the server’s full host name, I stumble over the phrase “.eastern.ewu.edu”. So, I’ve coined the term: “dot triple e”. Isn’t that so much easier to say than “.eastern.ewu.edu”? I think so as has most others that I shared my idea with.

But, why stop there? Is pronouncing “.ewu.edu” any better? (Try saying that 10 times fast.) Most of the time I hear it pronounced it gets mumbled through because its so hard to say. There are just too many oo’s and e sounds. We all know what the other person is trying to say, but we sound dumb doing it. Well, no longer… along with introducing “dot triple E”, I give you “dot double E”.

Paul Klinger has taken it one step further. Let’s short-hand the typing as well as the pronunciation:
.eastern.ewu.edu = .E³ (or .3E is acceptable for the ASCII code impaired*)
.ewu.edu = .E² (.2E is acceptable for the ASCII code impaired*)

Thanks to the good thinking of Brian McCracken, the standard has also been amended to include: pronouncing the “dot” in either case is also optional. For example, “access double e”. I personally like the “dot”, but if you want to really streamline… here you go.

Perhaps you won’t choose to use these new terms, but now you’ll understand those that do.

* the squared symbol (²) can be generated by holding down the ALT key while typing “0178” (without the double quotes), then releasing the ALT key. The cubed symbol (³) using “0179”.

Over the past week or so I’ve been working to federate EWU with InCommon®. Most schools use Shibboleth®, but we already have Active Directory Federation Service (ADFS) in use here, so I’ve undertaken the challenge to use ADFS.

InCommon has a test service provider that I should be able to sign into if everything is configured properly. However when I connect I get a response that the “X509SerialNumber must have TextContent.” After digging through the saml responses to several other service providers, I found that many of the self-signed certs used by some of the SPs have a serial number of zero (0). When ADFS signs/encrypts the saml response, it does not return the serialNumber of the cert used, but instead returns an empty serialNumber xml element. (<serialNumber />). Shibboleth does not like that at all.

Now it is time to dig through the xml signing/encryption specs to determine who is right and who is wrong. Then go through the process of notifying the losing “vendor”. My gut says that I’ll probably be standing up a Shibboleth server by the time everything is said and done.

The optimizer expands a condition that uses the ANY or SOME comparison operator followed by a parenthesized list of values into an equivalent condition that uses equality comparison operators and OR logical operators.

In the following example, the optimizer expands the first condition into the second:

salary > ANY (:first_sal, :second_sal)

is transformed into

salary > :first_sal OR salary > :second_sal

The optimizer transforms a condition that uses the ANY or SOME operator followed by a subquery into a condition containing the EXISTS operator and a correlated subquery.

In the following example, the optimizer transforms the first condition into the second:

The optimizer expands a condition that uses the ALL comparison operator followed by a parenthesized list of values into an equivalent condition that uses equality comparison operators and AND logical operators.

In the following example, the optimizer expands the first condition into the second:

salary > ALL (:first_sal, :second_sal)

is transformed into

salary > :first_sal AND salary > :second_sal

The optimizer transforms a condition that uses the ALL comparison operator followed by a subquery into an equivalent condition that uses the ANY comparison operator and a complementary comparison operator. In the following example, the optimizer transforms the first condition into the second:

x > ALL (SELECT salary FROM employees WHERE department_id = 50)

is transformed into

NOT (x <= ANY (SELECT salary FROM employees WHERE department_id = 50) )

The optimizer then further transforms the second query into the following query using the rule for transforming conditions with the ANY comparison operator, followed by a correlated subquery:

CASifying the AssetWORKS AiM application for use with SSO was extremely straight forward. AiM uses getRemoteUser() and thus it follows the standard setup using the JA-SIG CAS Client for Java.

The only gotcha we found is that AiM doesn’t do any initial authorization checking so the main page comes up for all users, not just those in the AiM database. We had to assign some reports to specific groups so that they didn’t show to the un-authorized users, but that was it. Everything else that they could see wasn’t an issue. At some point we’ll probably add a custom filter than will provision users as their is a desire to put surveys for the campus community online.

Instructions

Open the web.xml file for editing:

Find the Filter with filter-name equal to “Form Based Authentication Filter”